Add tests for named access checks on DOMWindow
authorrniwa@webkit.org <rniwa@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 21 May 2013 03:43:40 +0000 (03:43 +0000)
committerrniwa@webkit.org <rniwa@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 21 May 2013 03:43:40 +0000 (03:43 +0000)
https://bugs.webkit.org/show_bug.cgi?id=116512

Reviewed by Geoffrey Garen.

Merge https://chromium.googlesource.com/chromium/blink/+/9207625a100abe9b72333ac5dba02b38ca5f4466

* http/tests/security/xss-DENIED-window-name-alert-expected.txt: Added.
* http/tests/security/xss-DENIED-window-name-alert.html: Added.
* http/tests/security/xss-DENIED-window-name-navigator-expected.txt: Added.
* http/tests/security/xss-DENIED-window-name-navigator.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@150403 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/http/tests/security/xss-DENIED-window-name-alert-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/xss-DENIED-window-name-alert.html [new file with mode: 0644]
LayoutTests/http/tests/security/xss-DENIED-window-name-navigator-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/xss-DENIED-window-name-navigator.html [new file with mode: 0644]

index b8937b8f4eb751ac12b57a025741a57ba786896f..34c15f41ea1f30acd0e8bc3ed5c7555a5a10a725 100644 (file)
@@ -1,3 +1,17 @@
+2013-05-20  Ryosuke Niwa  <rniwa@webkit.org>
+
+        Add tests for named access checks on DOMWindow
+        https://bugs.webkit.org/show_bug.cgi?id=116512
+
+        Reviewed by Geoffrey Garen.
+
+        Merge https://chromium.googlesource.com/chromium/blink/+/9207625a100abe9b72333ac5dba02b38ca5f4466
+
+        * http/tests/security/xss-DENIED-window-name-alert-expected.txt: Added.
+        * http/tests/security/xss-DENIED-window-name-alert.html: Added.
+        * http/tests/security/xss-DENIED-window-name-navigator-expected.txt: Added.
+        * http/tests/security/xss-DENIED-window-name-navigator.html: Added.
+
 2013-05-20  Ryosuke Niwa  <rniwa@webkit.org>
 
         Null pointer deference in WebCore::AppendNodeCommand::create
diff --git a/LayoutTests/http/tests/security/xss-DENIED-window-name-alert-expected.txt b/LayoutTests/http/tests/security/xss-DENIED-window-name-alert-expected.txt
new file mode 100644 (file)
index 0000000..9c70321
--- /dev/null
@@ -0,0 +1,2 @@
+ALERT: PASS
+
diff --git a/LayoutTests/http/tests/security/xss-DENIED-window-name-alert.html b/LayoutTests/http/tests/security/xss-DENIED-window-name-alert.html
new file mode 100644 (file)
index 0000000..2d17a74
--- /dev/null
@@ -0,0 +1,9 @@
+<script>
+if (window.testRunner)
+    testRunner.dumpAsText();
+</script>
+<iframe sandbox="allow-scripts"
+        src="data:text/html,<script>
+            window.name='alert';
+            alert(top.alert === window ? 'PASS' : 'FAIL');
+            </script>"></iframe>
diff --git a/LayoutTests/http/tests/security/xss-DENIED-window-name-navigator-expected.txt b/LayoutTests/http/tests/security/xss-DENIED-window-name-navigator-expected.txt
new file mode 100644 (file)
index 0000000..ac2dbb3
--- /dev/null
@@ -0,0 +1,3 @@
+CONSOLE MESSAGE: Sandbox access violation: Blocked a frame at "null" from accessing a frame at "http://127.0.0.1:8000".  The frame requesting access is sandboxed and lacks the "allow-same-origin" flag.
+ALERT: PASS
+
diff --git a/LayoutTests/http/tests/security/xss-DENIED-window-name-navigator.html b/LayoutTests/http/tests/security/xss-DENIED-window-name-navigator.html
new file mode 100644 (file)
index 0000000..584e392
--- /dev/null
@@ -0,0 +1,9 @@
+<script>
+if (window.testRunner)
+    testRunner.dumpAsText();
+</script>
+<iframe sandbox="allow-scripts"
+        src="data:text/html,<script>
+            window.name='navigator';
+            alert(top.navigator === undefined ? 'PASS' : 'FAIL');
+            </script>"></iframe>